CVE-2007-3485 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI.

Reference

http://osvdb.org/37520 http://websecurity.com.ua/1018/ http://websecurity.com.ua/670/